Date: Mon, 21 Sep 2009 10:10:14 +0400 From: Solar Designer <solar@...nwall.com> To: announce@...ts.openwall.com Subject: [openwall-announce] JtR 220.127.116.11 and new JtR patches; crypt_blowfish, phpass updates Hi, This is to announce several somewhat-related news items at once. Some of these appeared on the Openwall website earlier: http://www.openwall.com/news 1. I've released John the Ripper 18.104.22.168, along with an update of the jumbo patch to this new version. Besides adding proper links to these new releases, I've also revised the JtR homepage to make it more focused on the currently relevant stuff: http://www.openwall.com/john/ http://www.openwall.com/lists/john-users/2009/09/08/1 The changes made since 22.214.171.124 are intended primarily for use by packagers of JtR, such as for *BSD "ports" and Linux distributions: http://www.openwall.com/john/doc/CHANGES.shtml Since version 126.96.36.199 has existed for a year and proved to be reliable, and since the changes between 188.8.131.52 and 184.108.40.206 are so minor, 220.127.116.11 is being declared the new "stable" release. 2. We have sort of a stable version of the jumbo patch now. The previous update, to version 18.104.22.168-all-6, was bugfix-only, and the new update to 22.214.171.124-jumbo-1 was just that, a mere update. http://www.openwall.com/lists/john-users/2009/08/31/1 I recommend everyone packaging JtR to update to 126.96.36.199 (and include running "make check" with its exit code check on your package build) and, if you have been including the jumbo patch, update that to the newly released version as well. 3. Erik Winkler has contributed Win32 and Mac OS X builds of John the Ripper 188.8.131.52 with revision 6 of the jumbo patch. These are now found on the contributed resources list on the John the Ripper homepage: http://www.openwall.com/john/#contrib http://www.openwall.com/lists/john-users/2009/09/01/10 4. Many unofficial John the Ripper patches have been developed lately, including JimF's generic MD5-based hash support stuff found on the wiki, and my generic crypt(3) support patch intended primarily as an interim solution for cracking the new glibc/Fedora/Ubuntu "SHA-crypt" hashes. JimF's contributions: http://www.openwall.com/lists/john-users/2009/09/06/2 http://openwall.info/wiki/john/patches My generic crypt(3) support patch: http://www.openwall.com/lists/john-users/2009/09/02/3 also available as john-184.108.40.206-generic-crypt-1.diff.gz in the FTP contrib directory: ftp://ftp.openwall.com/pub/projects/john/contrib/ Sorry, I haven't gotten around to integrating any of these into the jumbo patch yet (and it is not certain that all are suitable for that). 5. I've released minor updates of our password hashing frameworks, crypt_blowfish 1.0.3 (C/C++) and phpass 0.2 (PHP). Additionally, Dmitry V. Levin has developed a patch integrating crypt_blowfish into glibc 2.10.1, now linked from the crypt_blowfish homepage. (Previously, only patches for older versions of glibc were available.) http://www.openwall.com/crypt/ http://www.openwall.com/phpass/ That's all for now as it relates to our password security stuff. :-) Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.